Backup Policy Model

BASIC BACKUP CONCEPTS AND PREREQUISITES

Reliable and consistent backup of all critical business data and applications is one of the holy grails of information system security. It is your only defense against a wide variety of disasters or business-threatening events. Some definitions are in order before we proceed with this discussion:

Applications – a program or suite of programs to perform a specific function, such as Citrix Presentation Server and the iQuest application suite and its associated database.
Backup – a copy of a dataset, application or systems software held on a separate device to the original. This copy may be in a compressed format.
Backup set - for a daily backup regime, the backup set would consist of five to seven backups, one for each day of the working week or for the entire 7 day week.
Full backup – all files and data nominated are backed up regardless of whether or not they have been changed since the last backup. This is the recommended solution, especially for relatively small data sets (.5 terabytes or less).
Incremental Backup – only files and data nominated that have been changed since the last backup are backed up. While this sounds good in theory, it is difficult to administer in practice. Not recommended.
Differential backup - only files and data nominated that have been changed since the last full backup are backed up. As with Incremental Backup, this sounds good in theory, it is difficult to administer in practice. Not recommended.
Network Appliances – switches, routers, firewalls, bastion hosts, etc.
Off-site Storage - may include any secure location other than where business critical data or software is in use.
Restore – the ability to retrieve a previously backed up copy of a file and restore it to its original location and functionality.
Software – any type of program that runs on a computer, including operating systems, applications.

Data Backup / Restoration Policy Statement:

To protect Your Company’s business information and to ensure business continuity it is essential that:

All critical data are routinely backed up and stored in a secure and reliable manner.
Procedures for restoration of the backup data must be simple and effective.
Backups will be verified for integrity and usability on a weekly basis.

The goal is to enable Your Company to resume operations within half a business day from the point of disaster.”

*Data Backup Policy*
*Workstation Data and Images*	Policy	Responsible	Implementation	Result
*Item 1*	Workstation images (disk images) should be backed up every 90 days, or when there are significant changes to a workstation’s configuration or application complement.	Sys Admin, Consultant	Use Acronis TrueImage Workstation for Windows workstations or suitable backup software for Mac workstations to write disk image backups to a designated NAS device. Select maximum compression option for disk images.	Done No In Progress TBD
*Item 2*	Email archives and address book files should be backed up every day	Sys Admin, Consultant	Implemented within email app, written to a designated NAS device.	Done No In Progress TBD
*Server-side data and server images*	*Policy*	*Responsible*	*Implementation*	Result
*Item 1*	Line-of-Business data resident on HP UX server emerald should be backed up daily at 9:00 PM to a directory on the Line-of-Business / Citrix server ELECTRUM.	Sys Admin, Consultant	Scripted backup. Script will run on HP UX server emerald.	Done No In Progress TBD
*Item 2*	The Line-of-Business Citrix server ELECTRUM is currently backed up daily at 10:00 PM as an image of the entire server via Acronis True Image to the COMPANY_SAN NAS device. This is a rolling 7 day backup of the server image.	Sys Admin, Consultant	Use CD Burner XP application running on server ELECTRUM to archive to 4.7 GB DVD/RW media on a daily basis.	Done No In Progress TBD
*Item 3*	Line-of-Business data resident on HP UX server emerald is currently backed up daily at 11:30 PM to a tape drive attached to HP UX server emerald.	Sys Admin, Consultant	Scripted backup. Script runs on HP UX server emerald. Requires DDS2 4 GB tape cartridges. Tapes should be labeled accordingly and removed off site daily.	Done No In Progress TBD
*Item 4*	Apple server XServer1 should be backed up as an image to a suitable storage device.	Sys Admin, Consultant	TBD	Done No In Progress TBD

Network Appliances

Policy

Responsible

Implementation

Result

Firewalls / routers

Network devices should be backed up whenever a change is made to them, or every 90 days, whichever comes first.

Sys Admin, Consultant

Configuration file saved to repository on ELECTRUM. Backed daily as part of server image.

Done

In Progress

TBD

Switches

Switch NETGEAR FS726 TP is a managed device. Config file available for backup.

Sys Admin, Consultant

Configuration file saved to repository on server ELECTRUM. Backed daily as part of server image.

Done

In Progress

TBD

*Data Restoration Policy*
*Restoration*	Policy	Responsible	Implementation	Result
*Data, Disk Images*	The restoration process must be tested on a regular basis. This can be by verification or by a random testing process. The method of testing the restoration process will be specified in the Backup/Restoration Procedures Manual for the system.	Sys Admin, Consultant	TBD	Done No In Progress TBD N/A
*Systems, applications and network devices*	Normally in the case of a failure the system would be rebuilt rather than restored from a backup. However, in case of a problem with the rebuild process the restoration procedures should be tested at least annually	Sys Admin, Consultant	TBD	Done No In Progress TBD N/A